CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

The latest SHub macOS infostealer variant abandons Terminal-based ClickFix tactics for AppleScript execution, using fake Apple, Google, and Microsoft branding to steal credentials, crypto wallets, and ...

Tom Howe has seen his share of internet firefights — he still remembers keeping Disney+ afloat the night WandaVision launched ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix maps every blind spot and fix.

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

AI is changing the economics of DeFi attacks, forcing protocols to choose between ideological purity and survival.

ROCHESTER, N.Y. — An AMBER ALERT was issued Saturday in connection to two children who police say went missing. That alert was canceled late Saturday night. 🚨UPDATE: The AMBER Alert issued on behalf ...

The infant at the center of an Amber Alert is expected to make a full recovery, and no arrests have been made, authorities said. The Phoenix Police Department issued the alert for Ollie Olson, a 5-day ...

AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why ...

Don't waste your time on AI job scams. I spoke with experts about the warning signs to watch for -- and how to tell AI-generated job listings from legitimate opportunities.